Redscan Labs: Security advice to protect your business against the KRACK WPA2 vulnerability

16 October 2017

A serious weakness in WPA2, a protocol used to secure modern Wi-Fi networks, has emerged that makes it possible for hackers to decrypt transmitted data.

The exploit for the vulnerability has the codename Krack, short for Key Reinstallation AttaCK, and works by targeting the 4-way handshake of the WPA2 protocol. The exploit may allow packet sniffing, connection hijacking, malware injection, and even decryption of the protocol itself.

The identified weakness is inherent in the WPA2 standard and is therefore not dependent on specific products or configurations.

Limitations of the attack

To utilise the Krack exploit, attackers need to be within range of the target network. While an intruder may be able to capture data sent and received across a compromised network, he or she won’t be able to obtain sensitive data that is communicated via a secured connection that uses end-to-end encryption.

How to stay safe

To minimise your organisation’s risk, Redscan offers the following advice:

Advise employees against using public Wi-Fi hot spots

Only connect to secured websites that use HTTPS

Where possible, use services that are secured via Transport Layer Security (TLS)

Ensure relevant security updates are installed as soon as they become available (regular vulnerability assessments can help with this)

More information

Redscan will be closely monitoring the Common Vulnerabilities and Exposures (CVE) entries related to the exploit and will, if necessary, provide further updates. If you have any questions or concerns in the meantime, feel free to contact our CSOC team.
